CVE Database

37700+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2025-25114
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ehabstar User Role user-roles allows Reflected XSS.This issue affects User Role: from n/a …

Mar 3, 2025
CVE-2025-25113
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Senktec Implied Cookie Consent implied-cookie-consent allows Reflected XSS.This issue affects Implied Cookie Consent: …

Mar 3, 2025
CVE-2025-25112
7.6 HIGH

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in kareemsultan Social Links social-links allows Command Line Execution through SQL Injection.This …

Mar 3, 2025
CVE-2025-25109
8.1 HIGH

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in JoomSky WP Vehicle Manager js-vehicle-manager allows PHP Local File …

Mar 3, 2025
CVE-2025-25108
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in shalomworld SW Plus shalom-world-media-gallery allows Reflected XSS.This issue affects SW Plus: from n/a …

Mar 3, 2025
CVE-2025-25102
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Josh Harrison Yahoo BOSS yahoo-boss allows Reflected XSS.This issue affects Yahoo BOSS: from …

Mar 3, 2025
CVE-2025-25099
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in accreteinfosolution Appointment Buddy Widget appointment-buddy-online-appointment-booking-by-accrete allows Cross-Site Scripting (XSS).This issue affects Appointment Buddy …

Mar 3, 2025
CVE-2025-25092
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gtlwpdev All push notification for WP all-push-notification allows Reflected XSS.This issue affects All …

Mar 3, 2025
CVE-2025-25090
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dreamstime Dreamstime Stock Photos dreamstime-stock-photos allows Reflected XSS.This issue affects Dreamstime Stock Photos: …

Mar 3, 2025
CVE-2025-25089
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in appten Image Rotator appten-image-rotator allows Reflected XSS.This issue affects Image Rotator: from n/a …

Mar 3, 2025
CVE-2025-25087
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tim seekXL Snapr seekxl-snapr allows Reflected XSS.This issue affects seekXL Snapr: from n/a …

Mar 3, 2025
CVE-2025-25083
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dave Lavoie EP4 More Embeds ep4-more-embeds allows Stored XSS.This issue affects EP4 More …

Mar 3, 2025
CVE-2025-25070
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ed atrero Album Reviewer albumreviewer allows Stored XSS.This issue affects Album Reviewer: from …

Mar 3, 2025
CVE-2025-24758
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeMindsSolutions CM Map Locations cm-map-locations allows Reflected XSS.This issue affects CM Map Locations: …

Mar 3, 2025
CVE-2025-24694
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeMindsSolutions CM Pop-Up banners cm-pop-up-banners allows Reflected XSS.This issue affects CM Pop-Up banners: …

Mar 3, 2025
CVE-2025-23956
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Richard Leishman WP Easy Post Mailer wp-mailer allows Reflected XSS.This issue affects WP …

Mar 3, 2025
CVE-2025-23945
7.5 HIGH

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Webliup Popliup popliup allows PHP Local File Inclusion.This issue …

Mar 3, 2025
CVE-2025-23904
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rebrandpress Rebrand Fluent Forms rebrand-fluent-forms allows Reflected XSS.This issue affects Rebrand Fluent Forms: …

Mar 3, 2025
CVE-2025-23903
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in woofx Local Shipping Labels for WooCommerce local-shipping-labels-for-woocommerce allows Reflected XSS.This issue affects Local …

Mar 3, 2025
CVE-2025-23883
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in unalignedcoder Stray Random Quotes stray-quotes allows Reflected XSS.This issue affects Stray Random Quotes: …

Mar 3, 2025
CVE-2025-23881
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in littlejon LJ Custom Menu Links lj-custom-menu-links allows Reflected XSS.This issue affects LJ Custom …

Mar 3, 2025
CVE-2025-23879
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PillarDev Easy Automatic Newsletter Lite easy-automatic-newsletter allows Reflected XSS.This issue affects Easy Automatic …

Mar 3, 2025
CVE-2025-23852
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in robin90 First Comment Redirect first-comment-redirect allows Reflected XSS.This issue affects First Comment Redirect: …

Mar 3, 2025
CVE-2025-23850
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mojowill Mojo Under Construction mojo-under-construction allows Reflected XSS.This issue affects Mojo Under Construction: …

Mar 3, 2025
CVE-2025-23847
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in saill Site Launcher site-launcher allows Reflected XSS.This issue affects Site Launcher: from n/a …

Mar 3, 2025
CVE-2025-23843
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wphrmanager WP-HR Manager: The Human Resources Plugin for WordPress wp-hr-manager allows Reflected XSS.This …

Mar 3, 2025
CVE-2025-23814
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CRUDLab CRUDLab Like Box crudlab-facebook-like-box allows Reflected XSS.This issue affects CRUDLab Like Box: …

Mar 3, 2025
CVE-2025-23813
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tony Hayes Guten Free Options guten-free-options allows Reflected XSS.This issue affects Guten Free …

Mar 3, 2025
CVE-2025-23762
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Justin Sternberg DsgnWrks Twitter Importer dsgnwrks-twitter-importer allows Reflected XSS.This issue affects DsgnWrks Twitter …

Mar 3, 2025
CVE-2025-23753
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in digireturn DN Sitemap Control dn-sitemap-control allows Reflected XSS.This issue affects DN Sitemap Control: …

Mar 3, 2025
CVE-2025-23741
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Florian Chaillou Notifications Center notifications-center allows Reflected XSS.This issue affects Notifications Center: from …

Mar 3, 2025
CVE-2025-23740
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zbynek Nedoma Easy School Registration easy-school-registration allows Reflected XSS.This issue affects Easy School …

Mar 3, 2025
CVE-2025-23739
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jtibbles WP Ultimate Reviews FREE wp-ultimate-reviews-free allows Reflected XSS.This issue affects WP Ultimate …

Mar 3, 2025
CVE-2025-23738
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Padam Shankhadev Ps Ads Pro ps-ads-pro allows Reflected XSS.This issue affects Ps Ads …

Mar 3, 2025
CVE-2025-23736
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webgdawg Form To JSON form-to-json allows Reflected XSS.This issue affects Form To JSON: …

Mar 3, 2025
CVE-2025-23731
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in infosoftplugin Tax Report for WooCommerce tax-report-for-woocommerce allows Reflected XSS.This issue affects Tax Report …

Mar 3, 2025
CVE-2025-23726
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in thebloghouse ComparePress comparepress allows Reflected XSS.This issue affects ComparePress: from n/a through <= …

Mar 3, 2025
CVE-2025-23721
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cloudvn Mobigate mobigatevn allows Reflected XSS.This issue affects Mobigate: from n/a through <= …

Mar 3, 2025
CVE-2025-23718
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mancx Mancx AskMe Widget mancx-askme-widget allows Reflected XSS.This issue affects Mancx AskMe Widget: …

Mar 3, 2025
CVE-2025-23716
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JkmAS Login Watchdog login-watchdog allows Stored XSS.This issue affects Login Watchdog: from n/a …

Mar 3, 2025
CVE-2025-23688
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in editionskezzal Cobwebo URL Plugin cobwebo-url allows Reflected XSS.This issue affects Cobwebo URL Plugin: …

Mar 3, 2025
CVE-2025-23670
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in montashov 4 author cheer up donate 4-author-cheer-up-donate allows Reflected XSS.This issue affects 4 …

Mar 3, 2025
CVE-2025-23668
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mauricio Urrego ChatGPT Open AI Images & Content for WooCommerce glasses-for-woocommerce allows Reflected …

Mar 3, 2025
CVE-2025-23663
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Adrian Vaquez Contexto contexto allows Reflected XSS.This issue affects Contexto: from n/a through …

Mar 3, 2025
CVE-2025-23637
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fxy060608 新淘客WordPress插件 wp-xintaoke allows Reflected XSS.This issue affects 新淘客WordPress插件: from n/a through <= …

Mar 3, 2025
CVE-2025-23635
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mobde3net ePermissions epermissions allows Reflected XSS.This issue affects ePermissions: from n/a through <= …

Mar 3, 2025
CVE-2025-23619
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Catch Themes Catch Duplicate Switcher catch-duplicate-switcher allows Reflected XSS.This issue affects Catch Duplicate …

Mar 3, 2025
CVE-2025-23616
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Steve Canalplan canalplan-ac allows Reflected XSS.This issue affects Canalplan: from n/a through <= …

Mar 3, 2025
CVE-2025-23600
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pinal.shah Send to a Friend Addon send-booking-invites-to-friends allows Reflected XSS.This issue affects Send …

Mar 3, 2025
CVE-2025-23595
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brainpulse Page Health-O-Meter page-health-o-meter allows Reflected XSS.This issue affects Page Health-O-Meter: from n/a …

Mar 3, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.